Legal claims defining the scope of protection, as filed with the USPTO.
2. The computer-implemented method of claim 1, wherein determining whether the iframe is associated with a trusted domain utilized for processing the payment information to complete the customer transaction session comprises validating the iframe against a list of trusted hosted iframe locations provided by a payment gateway.
3. The computer-implemented method of claim 1, wherein determining whether the iframe is associated with a trusted domain utilized for processing the payment information to complete the customer transaction session comprises identifying a primary domain associated with the online merchant website in HTML comprising the payment page to determine if the iframe is associated with a trusted domain.
4. The computer-implemented method of claim 1, wherein determining whether the iframe is associated with a trusted domain utilized for processing the payment information to complete the customer transaction session comprises identifying a subdomain associated with the online merchant website in HTML comprising the payment page to determine if the iframe is associated with a trusted domain.
5. The computer-implemented method of claim 1, wherein performing the security action that protects against the potential malware attack comprises alerting the user that the iframe is suspicious.
6. The computer-implemented method of claim 1, wherein the suspicious iframe is a fake iframe injected into the online merchant website.
8. The system of claim 7, wherein the determining module determines whether the iframe is associated with a trusted domain utilized for processing the payment information to complete the customer transaction session by validating the iframe against a list of trusted hosted iframe locations provided by a payment gateway.
9. The system of claim 7, wherein the determining module determines whether the iframe is associated with a trusted domain utilized for processing the payment information to complete the customer transaction session by identifying a primary domain associated with the online merchant website in HTML comprising the payment page to determine if the iframe is associated with a trusted domain.
10. The system of claim 7, wherein the determining module determines whether the iframe is associated with a trusted domain utilized for processing the payment information to complete the customer transaction session by identifying a subdomain associated with the online merchant website in HTML comprising the payment page to determine if the iframe is associated with a trusted domain.
11. The system of claim 7, wherein the security module performs the security action that protects against the potential malware attack by alerting the user that the iframe is suspicious.
12. The system of claim 7, wherein the detection module analyzes, in the HTML associated with the iframe on the payment page, the DOM to identify the payment form by identifying payment information received from at least one of a third party service provider and a payment gateway during the customer transaction session.
13. The system of claim 7, wherein the suspicious iframe is a fake iframe injected into the online merchant website.
15. The computer-implemented method of claim 1, wherein analyzing, in the HTML associated with the iframe on the payment page, the DOM to identify the payment form comprises identifying payment information received from at least one of a third party service provider and a payment gateway during the customer transaction session.
16. The non-transitory computer-readable medium of claim 14, wherein the one or more computer-executable instructions cause the computing device to identify the iframe on the online merchant website by parsing HTML comprising the payment page to identify the iframe.
17. The non-transitory computer-readable medium of claim 14, wherein the suspicious iframe is a fake iframe injected into the online merchant website.
18. The non-transitory computer-readable medium of claim 14, wherein the one or more computer-executable instructions cause the computing device to analyze, in the HTML associated with the iframe on the payment page, the DOM to identify the payment form by identifying payment information received from at least one of a third party service provider and a payment gateway during the customer transaction session.
19. The non-transitory computer-readable medium of claim 14, wherein the one or more computer-executable instructions cause the computing device to determine whether the iframe is associated with a trusted domain utilized for processing the payment information to complete the customer transaction session by validating the iframe against a list of trusted hosted iframe locations provided by a payment gateway.
20. The non-transitory computer-readable medium of claim 14, wherein the one or more computer-executable instructions cause the computing device to determine whether the iframe is associated with a trusted domain utilized for processing the payment information to complete the customer transaction session by identifying a primary domain associated with the online merchant website in HTML comprising the payment page to determine if the iframe is associated with a trusted domain.
Unknown
November 7, 2023
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.